Skip to content
/ ThermometerEncoding Public

reproduction of Thermometer Encoding: One Hot Way To Resist Adversarial Examples in pytorch

16 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Flag-C/ThermometerEncoding

BranchesTags

Repository files navigation

ThermometerEncoding

This is a repo trying to reproduce Thermometer Encoding: One Hot Way To Resist Adversarial Examples in pytorch.

Results on CIFAR10

I use ResNet-50 to reproduce the experiment instead of a Wide-ResNet. All LS-PGA attack is 7-step iterative white-box attack. However, I find that if I increase the attack step-size, attack failure rate will drop dramatically.

clean LS-PGA $$\xi=0.01$$ LS-PGA $$\xi=0.1$$ LS-PGA $$\xi=1$$ results on the paper(LS-PGA) results on the paper(clean)
clean trained 91.52% 43.27% 3.14% 0.12% 50.50% 94.22%
adv trained 89.75% 74.00% 27.44% 15.02% 79.16% 89.88%

About

reproduction of Thermometer Encoding: One Hot Way To Resist Adversarial Examples in pytorch

Topics

security adversarial-machine-learning adversarial-example

Resources

Readme
Activity

Stars

16 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages